Privacy Policy
Last updated: February 28, 2026
What We Collect
When you use SignalDash, we collect:
- Email address - for authentication via magic link (stored in Supabase Auth)
- URLs you submit - the domains you audit
- Audit results - the analysis generated for each domain
- Usage analytics - page views, feature usage, anonymized interaction data (via PostHog)
Legal Basis for Processing (GDPR Art. 6)
- Contract performance (Art. 6(1)(b)) - Authentication, running audits, storing results, managing subscriptions
- Legitimate interest (Art. 6(1)(f)) - Product analytics (PostHog), fraud prevention, service improvement
- Legal obligation (Art. 6(1)(c)) - Tax records for paid subscriptions
How We Use Your Data
- To authenticate you and manage your account
- To run audits on the domains you submit
- To store and display your audit history
- To process payments for Pro subscriptions
- To improve the product based on aggregate usage patterns
Third-Party Services
- Supabase - authentication, database, and edge functions (EU region)
- Stripe - payment processing for Pro subscriptions
- Google Gemini - AI analysis of submitted domains
- PostHog - product analytics (EU-hosted, eu.posthog.com)
- Vercel - frontend hosting and CDN
Cookies
We do not use cookies. Authentication state is stored in localStorage via Supabase Auth. PostHog analytics runs in memory-only mode with cookies disabled.
Data Retention
Audit results are retained for as long as your account is active. Free plan audits are retained for 7 days. You can request deletion of your account and all associated data at any time.
Your Rights
You can request access to, correction of, or deletion of your personal data by contacting us. If you are in the EU, you have rights under GDPR including data portability and the right to lodge a complaint with a supervisory authority.
Data Processing Location
Your data is processed and stored within the European Union. Our infrastructure providers host data in EU regions:
- Supabase - database and authentication (EU region, Frankfurt)
- PostHog - product analytics (EU-hosted, eu.posthog.com)
- Stripe - payment processing (EU-certified, PCI DSS compliant)
Contact
For privacy inquiries: hello@signaldash.dev